73322a0e55
Enable frozen string in app/controllers/**/*.rb
...
Enables frozen string for the following:
* app/controllers/*.rb
* app/controllers/admin/**/*.rb
* app/controllers/boards/**/*.rb
* app/controllers/ci/**/*.rb
* app/controllers/concerns/**/*.rb
Partially addresses #47424 .
2018-09-18 21:22:45 -07:00
34ec29b956
Support multiple scopes when using authing container registry scopes
2018-08-01 13:03:16 +02:00
4ee08b77bc
Updates from `rubocop -a`
2018-07-09 21:13:08 +08:00
5bc58bac26
Handle limit for datetime attributes on MySQL
...
The TIMESTAMP data type is used for values that contain both date and
time parts. TIMESTAMP has a range of '1970-01-01 00:00:01' UTC to
'2038-01-19 03:14:07' UTC.
A Forever lib class was included to handle future dates for PostgreSQL
and MySQL, also changes were made to DeployToken to enforce Forever.date
Also removes extra conditional from JwtController
2018-04-06 22:28:44 -05:00
7deab31722
Removes logic from Jwt and handle different scenarios on Gitlab::Auth
...
- When using 'read_repo' password and project are sent, so we used both
of them to fetch for the token
- When using 'read_registry' only the password is sent, so we only use
that for fetching the token
2018-04-06 21:20:16 -05:00
aaa6d80870
Implement read_registry for DeployTokens
2018-04-06 21:20:16 -05:00
a1781a4941
Consistently use PersonalAccessToken instead of PersonalToken
2017-11-02 11:39:02 +01:00
0430b76441
Enable Style/DotPosition Rubocop 👮
2017-06-21 13:48:12 +00:00
cb5a5eb892
Instruct user to use a personal access token for Git over HTTP
...
If internal auth is disabled and LDAP is not configured on the instance,
present the user with a message to create a personal access token if his
Git over HTTP auth attempt fails.
2017-06-07 21:12:51 -04:00
9fcc3e5982
Fix test failures
2017-06-06 16:19:15 +02:00
0b81b5ace0
Create read_registry scope with JWT auth
...
This is the first commit doing mainly 3 things:
1. create a new scope and allow users to use it
2. Have the JWTController respond correctly on this
3. Updates documentation to suggest usage of PATs
There is one gotcha, there will be no support for impersonation tokens, as this
seems not needed.
Fixes gitlab-org/gitlab-ce#19219
2017-06-05 12:26:49 +02:00
d40e1f547e
Enable the Style/TrailingCommaInLiteral cop
...
Use the EnforcedStyleForMultiline: no_comma option.
Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-05-10 18:25:45 +02:00
1fe7501b49
Revert "Prefer leading style for Style/DotPosition"
...
This reverts commit cb10b725c8929b8b4460f89c9d96c773af39ba6b.
2017-02-23 09:33:05 -06:00
eacae00516
Enable Style/MultilineHashBraceLayout
2017-02-23 09:32:22 -06:00
206953a430
Prefer leading style for Style/DotPosition
2017-02-23 09:32:22 -06:00
b7d8df503c
Enable Style/MutableConstant
2017-02-23 09:31:56 -06:00
170efaaba2
Enable Style/MultilineOperationIndentation in Rubocop, fixes #25741
2016-12-16 21:37:22 +03:00
32042ef56a
Merge branch 'unauthenticated-container-registry-access' into 'security'
...
Restore unauthenticated access to public container registries
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/24284
See merge request !2025
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-11-09 12:28:29 +01:00
137a801615
Be nice to Docker Clients talking to JWT/auth
2016-09-27 16:59:05 +02:00
cf6a35f09a
Improve JwtController implementation
2016-09-20 19:15:13 +02:00
e941365f3b
Rename capabilities to authentication_abilities
2016-09-16 11:12:21 +02:00
5f45ddc545
Fix specs after merging LFS changes
2016-09-15 22:23:43 +02:00
9d1ccd2ad3
Fix existing authorization specs
2016-09-15 13:49:11 +02:00
11f87700e8
Add access specs
2016-09-15 11:57:09 +02:00
6b381f3fdf
Use `build_read_container_image` and use `build_download_code`
2016-09-15 10:34:53 +02:00
571226f166
Make result to return project and capabilities granted
2016-09-13 15:27:05 +02:00
505dc808b3
Use a permissions of user to access all dependent projects from CI jobs (this also includes a container images, and in future LFS files)
2016-09-13 13:30:26 +02:00
892dea6771
Project tools visibility level
2016-09-01 11:47:59 -03:00
0e896ffe4e
Improve Gitlab::Auth method names
...
Auth.find was a very generic name for a very specific method.
Auth.find_in_gitlab_or_ldap was inaccurate in GitLab EE where it also
looks in Kerberos.
2016-06-10 14:51:16 +02:00
ff7c4e588a
Remove code duplication in JwtController
2016-06-06 17:40:30 +02:00
1fab583266
Remove instances of Auth.new
2016-06-03 17:08:44 +02:00
7ec1fa212d
Make authentication service for Container Registry to be compatible with < Docker 1.11
2016-05-30 16:57:39 +02:00
646018a40e
Fix the CI login to Container Registry (the gitlab-ci-token user)
2016-05-23 00:34:51 +02:00
8d445fe665
Improve JwtController
2016-05-14 19:45:33 -05:00
f4f9184a01
Rename JWT to JSONWebToken
2016-05-14 18:23:31 -05:00
46cc04ce7a
Add TODO
2016-05-14 14:17:04 -05:00
393459b2b2
Improve code design after review
2016-05-14 14:04:04 -05:00
63cdf1aeb0
Use Auth::ContainerRegistryAuthenticationService
2016-05-14 11:11:48 -05:00
e900ff972a
Improve JwtController code
2016-05-13 16:23:02 -05:00
9ef9e008fe
Move JWT to Gitlab::JWT
2016-05-13 16:22:50 -05:00
fc2d985bfa
Fix CI tests
2016-05-12 12:47:55 -05:00
b180d79cdc
Rename DockerAuthenticationService to ContainerRegistryAuthenticationService
2016-05-09 22:04:42 +03:00
daca2144c8
Make code more clear in what is done
2016-05-09 20:47:06 +03:00
011a905a82
Split docker authentication service
2016-05-02 14:32:16 +02:00
105017c308
Added JWT controller
2016-05-02 13:29:17 +02:00
gfyoung
Kamil Trzciński
Lin Jen-Shin
Mayra Cabrera
Douwe Maan
Grzegorz Bizon
Robin Bobbitt
Z.J. van de Weg
Rémy Coutable
Rydkin Maxim
Alejandro Rodriguez
Felipe Artur
Jacob Vosmaer